20080212
- Feature: check_reverse_client_access, to make access decisions
- based on the unverified client hostname. For safety reasons
- an OK result is not allowed. Noel Jones. Files:
- smtpd/smtpd_check.c plus header files and documentation.
+ Feature: check_reverse_client_hostname_access, to make
+ access decisions based on the unverified client hostname.
+ For safety reasons an OK result is not allowed. Noel Jones.
+ Files: smtpd/smtpd_check.c plus header files and documentation.
20080215
- Safety: break SASL loop in case both the SASL library and the
- remote SMTP server are confused. File: smtp/smtp_sasl_glue.c.
+ Safety: break SASL loop in case both the SASL library and
+ the remote SMTP server are confused. File: smtp/smtp_sasl_glue.c.
+
+20080220
+
+ Safety: the master daemon now sets an exclusive lock on a
+ file $data_directory/master.lock, so that the data directory
+ can't be shared between multiple Postfix instances. This
+ would corrupt files that rely on single-writer updates
+ (examples: verify(8) cache, tlsmgr(8) caches, etc.). File:
+ master/master.c.
D\bDe\beb\bbu\bug\bgg\bgi\bin\bng\bg y\byo\bou\bur\br a\bad\bdd\bdr\bre\bes\bss\bs m\bma\ban\bni\bip\bpu\bul\bla\bat\bti\bio\bon\bns\bs
-With Postfix version 2.1 and later you can ask Postfix to produce mail delivery
-reports for debugging purposes. These reports not only show sender/recipient
-addresses after address rewriting and alias expansion or forwarding, they also
-show information about delivery to mailbox, delivery to non-Postfix command,
-responses from remote SMTP servers, and so on.
+Postfix version 2.1 and later can produce mail delivery reports for debugging
+purposes. These reports not only show sender/recipient addresses after address
+rewriting and alias expansion or forwarding, they also show information about
+delivery to mailbox, delivery to non-Postfix command, responses from remote
+SMTP servers, and so on.
Postfix can produce two types of mail delivery reports for debugging:
D\bDe\beb\bbu\bug\bgg\bgi\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx f\bfr\bro\bom\bm i\bin\bns\bsi\bid\bde\be
-With Postfix version 2.1 and later you can ask Postfix to produce mail delivery
-reports for debugging purposes. These reports not only show sender/recipient
-addresses after address rewriting and alias expansion or forwarding, they also
-show information about delivery to mailbox, delivery to non-Postfix command,
-responses from remote SMTP servers, and so on.
+Postfix version 2.1 and later can produce mail delivery reports for debugging
+purposes. These reports not only show sender/recipient addresses after address
+rewriting and alias expansion or forwarding, they also show information about
+delivery to mailbox, delivery to non-Postfix command, responses from remote
+SMTP servers, and so on.
Postfix can produce two types of mail delivery reports for debugging:
<h2> <a name="debugging"> Debugging your address manipulations </a> </h2>
-<p> With Postfix version 2.1 and later you can ask Postfix to
+<p> Postfix version 2.1 and later can
produce mail delivery reports for debugging purposes. These reports
not only show sender/recipient addresses after address rewriting
and alias expansion or forwarding, they also show information about
<h2><a name="trace_mail">Debugging Postfix from inside</a> </h2>
-<p> With Postfix version 2.1 and later you can ask Postfix to
+<p> Postfix version 2.1 and later can
produce mail delivery reports for debugging purposes. These reports
not only show sender/recipient addresses after address rewriting
and alias expansion or forwarding, they also show information about
becomes, for example, "postfix/smtpd".
<b>FILES</b>
- /etc/postfix/<a href="postconf.5.html">main.cf</a>, global configuration file.
- /etc/postfix/<a href="master.5.html">master.cf</a>, master server configuration file.
- /var/spool/postfix/pid/master.pid, master lock file.
+ To expand the directory names below into their actual val-
+ ues, use the command "<b>postconf <a href="postconf.5.html#config_directory">config_directory</a></b>" etc.
+
+ $<a href="postconf.5.html#config_directory">config_directory</a>/<a href="postconf.5.html">main.cf</a>, global configuration file.
+ $<a href="postconf.5.html#config_directory">config_directory</a>/<a href="master.5.html">master.cf</a>, master server configuration file.
+ $<a href="postconf.5.html#queue_directory">queue_directory</a>/pid/master.pid, master lock file.
+ $<a href="postconf.5.html#data_directory">data_directory</a>/master.lock, master lock file.
<b>SEE ALSO</b>
<a href="qmgr.8.html">qmgr(8)</a>, queue manager
syslogd(8), system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
.SH "FILES"
.na
.nf
-/etc/postfix/main.cf, global configuration file.
-/etc/postfix/master.cf, master server configuration file.
-/var/spool/postfix/pid/master.pid, master lock file.
+.ad
+.fi
+To expand the directory names below into their actual values,
+use the command "\fBpostconf config_directory\fR" etc.
+.na
+.nf
+
+$config_directory/main.cf, global configuration file.
+$config_directory/master.cf, master server configuration file.
+$queue_directory/pid/master.pid, master lock file.
+$data_directory/master.lock, master lock file.
.SH "SEE ALSO"
.na
.nf
<h2> <a name="debugging"> Debugging your address manipulations </a> </h2>
-<p> With Postfix version 2.1 and later you can ask Postfix to
+<p> Postfix version 2.1 and later can
produce mail delivery reports for debugging purposes. These reports
not only show sender/recipient addresses after address rewriting
and alias expansion or forwarding, they also show information about
<h2><a name="trace_mail">Debugging Postfix from inside</a> </h2>
-<p> With Postfix version 2.1 and later you can ask Postfix to
+<p> Postfix version 2.1 and later can
produce mail delivery reports for debugging purposes. These reports
not only show sender/recipient addresses after address rewriting
and alias expansion or forwarding, they also show information about
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20080216"
+#define MAIL_RELEASE_DATE "20080220"
#define MAIL_VERSION_NUMBER "2.6"
#ifdef SNAPSHOT
master.o: ../../include/mymalloc.h
master.o: ../../include/open_lock.h
master.o: ../../include/safe.h
+master.o: ../../include/set_eugid.h
master.o: ../../include/stringops.h
master.o: ../../include/sys_defs.h
master.o: ../../include/vbuf.h
/* The mail system name that is prepended to the process name in syslog
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* FILES
-/* /etc/postfix/main.cf, global configuration file.
-/* /etc/postfix/master.cf, master server configuration file.
-/* /var/spool/postfix/pid/master.pid, master lock file.
+/* .ad
+/* .fi
+/* To expand the directory names below into their actual values,
+/* use the command "\fBpostconf config_directory\fR" etc.
+/* .na
+/* .nf
+/*
+/* $config_directory/main.cf, global configuration file.
+/* $config_directory/master.cf, master server configuration file.
+/* $queue_directory/pid/master.pid, master lock file.
+/* $data_directory/master.lock, master lock file.
/* SEE ALSO
/* qmgr(8), queue manager
/* verify(8), address verification
#include <clean_env.h>
#include <argv.h>
#include <safe.h>
+#include <set_eugid.h>
/* Global library. */
int main(int argc, char **argv)
{
static VSTREAM *lock_fp;
+ static VSTREAM *data_lock_fp;
VSTRING *lock_path;
+ VSTRING *data_lock_path;
off_t inherited_limit;
int debug_me = 0;
int ch;
* isn't locked.
*/
lock_path = vstring_alloc(10);
+ data_lock_path = vstring_alloc(10);
why = vstring_alloc(10);
vstring_sprintf(lock_path, "%s/%s.pid", DEF_PID_DIR, var_procname);
msg_fatal("cannot update lock file %s: %m", vstring_str(lock_path));
close_on_exec(vstream_fileno(lock_fp), CLOSE_ON_EXEC);
+ /*
+ * Lock down the Postfix-writable data directory.
+ */
+ vstring_sprintf(data_lock_path, "%s/%s.lock", var_data_dir, var_procname);
+ SAVE_AND_SET_EUGID(var_owner_uid, var_owner_gid);
+ data_lock_fp =
+ open_lock(vstring_str(data_lock_path), O_RDWR | O_CREAT, 0644, why);
+ RESTORE_SAVED_EUGID();
+ if (data_lock_fp == 0)
+ msg_fatal("open lock file %s: %s",
+ vstring_str(data_lock_path), vstring_str(why));
+ vstream_fprintf(data_lock_fp, "%*lu\n", (int) sizeof(unsigned long) * 4,
+ (unsigned long) var_pid);
+ if (vstream_fflush(data_lock_fp))
+ msg_fatal("cannot update lock file %s: %m", vstring_str(data_lock_path));
+ close_on_exec(vstream_fileno(data_lock_fp), CLOSE_ON_EXEC);
+
+ /*
+ * Clean up.
+ */
vstring_free(why);
vstring_free(lock_path);
+ vstring_free(data_lock_path);
/*
* Optionally start the debugger on ourself.
if (myflock(vstream_fileno(lock_fp), INTERNAL_LOCK,
MYFLOCK_OP_EXCLUSIVE) < 0)
msg_fatal("refresh exclusive lock: %m");
+ if (myflock(vstream_fileno(data_lock_fp), INTERNAL_LOCK,
+ MYFLOCK_OP_EXCLUSIVE) < 0)
+ msg_fatal("refresh exclusive lock: %m");
#endif
watchdog_start(watchdog); /* same as trigger servers */
event_loop(-1);
projects / thirdparty / postfix.git / commitdiff
